PROTECTING AGAINST COUNTERFEIT ELECTRONICS DEVICES

US 20080267408A1
Filed: 04/24/2007
Published: 10/30/2008
Est. Priority Date: 04/24/2007
Status: Active Grant

First Claim

Patent Images

1. In a first device connected with a second device, a method of authenticating the first device, the method comprising:

receiving a first cryptographic key at the first device, wherein the second device has a complementary second cryptographic key;

receiving a data string in a first predetermined memory location, wherein the data string is a random or pseudo-random data string and wherein the data string has a first cryptographic state;

changing the first cryptographic state of the data string to a second cryptographic state with the first cryptographic key; and

writing the data string having the second cryptographic state to a second predetermined memory location.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An optical transceiver module is authenticated in a host system. A host generates a data string and writes the data string to a first predetermined memory location known to the transceiver. The data string is cryptographically altered (either encrypted or decrypted) by the transceiver and written to a second predetermined memory location known to the host. The host retrieves the cryptographically altered data string and performs a complementary cryptographic operation (either a decryption or encryption, respectively) thereon, creating a resulting data string. If the resulting data string is equal to the data string written to the first predetermined memory location, the transceiver is authenticated. The host and the transceiver may switch roles, with the transceiver generating the data string, the host cryptographically altering it, and so on. The host encrypts data strings when the transceiver decrypts data strings, and vice versa.

Citations

21 Claims

1. In a first device connected with a second device, a method of authenticating the first device, the method comprising:
- receiving a first cryptographic key at the first device, wherein the second device has a complementary second cryptographic key;
  
  receiving a data string in a first predetermined memory location, wherein the data string is a random or pseudo-random data string and wherein the data string has a first cryptographic state;
  
  changing the first cryptographic state of the data string to a second cryptographic state with the first cryptographic key; and
  
  writing the data string having the second cryptographic state to a second predetermined memory location.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising, prior to changing the first cryptographic state of the data string, detecting the data string in the first predetermined memory location.
  - 3. The method of claim 1, wherein one of:
    - the first device is a transceiver and the second device is a host system;
      
      orthe first device is a host system and the second device is a transceiver.
  - 4. The method of claim 1, wherein one of:
    - the first cryptographic key is an encryption key and the second cryptographic key is a decryption key;
      
      orthe first cryptographic key is a decryption key and the second cryptographic key is an encryption key.
  - 5. The method of claim 1, wherein:
    - the second device changes the second cryptographic state of the data string from the second predetermined memory location to a third cryptographic state using the complementary second cryptographic key; and
      
      the first device is authenticated if the third cryptographic state matches the first cryptographic state.
  - 6. The method of claim 5, further comprising receiving a different data string each time the first device is authenticated.
  - 7. The method of claim 1, wherein one of:
    - the first cryptographic state is an encrypted state and the second cryptographic state is a decrypted state; and
      
      the first cryptographic state is an unencrypted state and the second cryptographic state is an encrypted state.

8. A method of authenticating a first device connected with a second device, the method comprising:
- receiving a first key that can be used to decrypt and/or encrypt a data string, wherein a first device has a complementary second key that can be used to encrypt and/or decrypt the same data string;
  
  authenticating the first device at least once, wherein a different data string is used for each authentication of the first device, by performing;
  
  generating a first data string;
  
  writing the first data string to a first memory location, the first data string having a first cryptographic state;
  
  retrieving the first data string from a second memory location, wherein the first cryptographic state of the first data string has been changed to a second cryptographic state;
  
  changing the second cryptographic state of the first data string to a third cryptographic state;
  
  comparing the first cryptographic state with the third cryptographic state, wherein the first device is authenticated if the first cryptographic state matches the third cryptographic state.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method of claim 8, further comprising, in response to determining that the third cryptographic state does not match the first cryptographic state, taking corrective action.
  - 10. The method of claim 9, wherein taking corrective action comprises one or more of:
    - sending an alert, and withholding power from the first device.
  - 11. The method of claim 8, wherein one of:
    - the first device is a transceiver and the second device is a host system;
      
      orthe first device is a host system and the second device is a transceiver.
  - 12. The method of claim 8, wherein the first key comprises one of:
    - a block cipher, a stream cipher, a public key, or a private key.
  - 13. The method of claim 8, wherein the first and third cryptographic state are encrypted states and the second cryptographic state is a decrypted state or wherein the second cryptographic state is an encrypted state and the first and third cryptographic states are decrypted states.
  - 14. The method of claim 8, wherein the first and second memory locations are predetermined memory locations in the first device.
  - 15. The method of claim 14, wherein the first memory location is persistent memory or memory of a controller.

16. In a first device connected to a second device, a method of authenticating the second device, the method comprising:
- receiving an encryption key, wherein a second device has an identical encryption key;
  
  providing a first data string to the second device, wherein the first data string is a random or pseudo-random data string;
  
  receiving a first encrypted data string from the second device;
  
  generating a second encrypted data string by encrypting a second data string, wherein the second data string and the first data string are identical; and
  
  comparing the first encrypted data string and the second encrypted data string, wherein the second device is authenticated if the first encrypted data string and the second encrypted data string are identical.
- View Dependent Claims (17, 18, 19, 20, 21)
- - 17. The method of claim 16, further comprising, prior to providing the first data string to the second device, generating the first data string.
  - 18. The method of claim 16, further comprising, in response to determining that the first encrypted data string and the second encrypted data string are not identical, taking corrective action.
  - 19. The method of claim 18, wherein taking corrective action comprises one or more of sending an alert, and withholding power from the second device.
  - 20. The method of claim 16, wherein one of:
    - the first device is a transceiver and the second device is a host system;
      
      orthe first device is a host system and the second device is a transceiver.
  - 21. The method of claim 16, wherein the encryption key comprises one of:
    - a block cipher or a stream cipher.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
II-VI Delaware, Inc. (Coherent Corp.)
Original Assignee
Finisar Corporation (II-VI Incorporated)
Inventors
Hsieh, John

Granted Patent

US 8,762,714 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/278
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/445   by mutual authentication, e...

G06F 21/70   Protecting specific interna...

H04L 63/12   Applying verification of th...

H04L 9/3271   using challenge-response

PROTECTING AGAINST COUNTERFEIT ELECTRONICS DEVICES

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

PROTECTING AGAINST COUNTERFEIT ELECTRONICS DEVICES

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links